Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Oct 07, 2022

=> Ubuntu: 'Pro' Offering, What's Coming in 22.10, and Embedded Space | today's howtos

=> ↺ Spectro Cloud

Reproducible Builds (diffoscope): diffoscope 224 released

=> ↺ Reproducible Builds (diffoscope): diffoscope 224 released

The diffoscope maintainers are pleased to announce the release of diffoscope version 224. This version includes the following changes:

iTWire - New firm aims to help Huawei avoid US sanctions: claim

=> ↺ iTWire - New firm aims to help Huawei avoid US sanctions: claim

A chip start-up known as Pengxinwei IC Manufacturing based in Shenzhen is allegedly aiming to help Huawei Technologies get around American sanctions that have crippled its smartphone business, the Bloomberg news agency claims.

The start-up is run by a former Huawei employee, Bloomberg said on Thursday, adding that the firm was receiving support from Huawei to order chipmaking gear which it hopes to obtain by the first half of 2023.

However, as Bloomberg admitted, Pengxinwei had not yet got off the ground, making a great deal of its extremely lengthy report speculative.

Hackers exploiting unpatched RCE bug in Zimbra Collaboration Suite [Ed: A patch has been out for ages]

=> ↺ Hackers exploiting unpatched RCE bug in Zimbra Collaboration Suite

Hackers are actively exploiting an unpatched remote code execution (RCE) vulnerability in Zimbra Collaboration Suite (ZCS), a widely deployed web client and email server.

Researchers Warn of Unpatched, Actively Exploited Zimbra Flaw | Decipher [Ed: Patched ages ago]

=> ↺ Researchers Warn of Unpatched, Actively Exploited Zimbra Flaw | Decipher

A critical-severity, remote code execution vulnerability in Zimbra’s enterprise collaboration software and email platform is being actively exploited, with no patch currently available for the issue, warn researchers.

Security updates for Friday

=> ↺ Security updates for Friday

Security updates have been issued by Debian (dbus, isc-dhcp, and strongswan), Fedora (booth, php, php-twig, php-twig2, and php-twig3), Oracle (expat, prometheus-jmx-exporter, and squid), Red Hat (expat, openvswitch2.11, and squid), Scientific Linux (expat and squid), SUSE (exiv2, LibVNCServer, postgresql-jdbc, protobuf, python-PyJWT, python3, slurm, squid, and webkit2gtk3), and Ubuntu (libreoffice).

FBI and CISA Publish a PSA on Information Manipulation Tactics for 2022 Midterm Elections [Ed: Country that engages in election meddling all around the world claims to be protecting integrity of elections]

=> ↺ FBI and CISA Publish a PSA on Information Manipulation Tactics for 2022 Midterm Elections

The PSA also describes the extensive safeguards in place to protect election infrastructure and includes recommendations to assist the public in understanding how to find trustworthy sources of election-related information.

Spectro Cloud Strengthens Kubernetes Security at the Network Edge

=> ↺ Spectro Cloud Strengthens Kubernetes Security at the Network Edge

=> gemini.tuxmachines.org